Notification

Our software update is being released in phases. New features will gradually roll out across all regions. Stay tuned for updates.

Understand fingerprint security

Your fingerprint data is stored securely and never leaves your Pixel device or Nexus phone. Your fingerprint data isn't shared with Google or any apps on your device. Apps are notified only whether your fingerprint was verified.

If you're ready to get started using your fingerprint to unlock your phone or tablet, learn how to set up your fingerprints.

Cautions about fingerprints

Fingerprints are an easy way to unlock your phone or tablet. But a fingerprint may be less secure than a strong PIN, pattern, or password.

A copy of your fingerprint could be used to unlock your device. You leave fingerprints on many things you touch, including your phone or tablet.

Fingerprint data is stored securely

Google has strict guidelines for device makers about how fingerprint data can be stored on a Pixel or Nexus device.

Fingerprint hardware security requirements

Secure location

  • Capturing and recognizing your fingerprint must happen in a secure part of the hardware known as a Trusted Execution Environment (TEE).
  • Hardware access must be limited to the TEE and protected by an SELinux policy.
  • Fingerprint data must be secured within sensor hardware or trusted memory so that images of your fingerprint aren't accessible.

Secure storage & removal

  • Only the encrypted form of the fingerprint data can be stored on the file system, even if the file system itself is encrypted.
  • Fingerprint data must be removed from the device when a user is removed.
  • Rooting of a device must not compromise fingerprint data.
Fingerprint template authentication requirements

Google's guidelines require fingerprint templates — that is, the processed versions of raw fingerprint images — to be cryptographically authenticated.

Fingerprint templates must be signed with a private, device-specific key — like keyed-hash message authentication code (HMAC) — with at least the absolute file-system path, group, and finger ID, such that template files won't work on another device, or for anyone besides the person who set them up on the same device. For example, copying the fingerprint data from a different user on the same device, or from another device, must not work.

A device-specific encryption key — like Advanced Encryption Standard (AES) — must be used for fingerprint data so that a raw image or fingerprint template isn't readable by a separate device.

Related resources

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Google apps
Main menu
1065447648843530533
true
Search Help Center
true
true
true
false
false